Commits on Jan 16, 2020

1. cli/start: remove the 1-minute hard shutdown timeout …

   Prior to this patch, after CockroachDB receives an instruction to
   gracefully shut down (signal, `Drain` request etc), the code for
   `cockroach start` would start a 1-minute countdown. If the graceful
   shutdown did not complete within that time, a hard shutdown was
   triggered instead.
   
   This behavior was neither necessary nor desirable.
   
   It is not necessary because process managers already have "process
   shutdown timeout" logic to force-shutdown a process that does not
   terminate in a timely manner. It is not the db's responsibility to do
   the service manager's job (in fact, the redundancy in behavior can be
   confusing to troubleshoot).
   
   It is not desirable either because in large clusters, a graceful
   shutdown may truly last longer than a minute. Graceful shutdowns are
   also rather important to ensure a smooth transition during e.g. a
   rolling upgrade, as they guarantee a transition without latency
   blips. Even though this `cockroach start` timeout is not the
   only such timeout through the code, it is one obstacle to painless
   graceful shutdowns and thus ought to be removed.
   
   This patch achieves just that.
   
   Release note (cli change): The CockroachDB node
   command (`start`/`start-single-node`) does not any more initiate a
   1-minute hard shutdown countdown after a request to gracefully
   terminates. This means that graceful shutdowns are now free to take
   longer than one minute. It also means that deployments where a
   maximum shutdown time must be enforced must now use a service manager
   that is suitably configured to do so.

   

   knz committed Jan 16, 2020
   Configuration menu

   • View commit details
   • Copy full SHA for d697c92
   • Browse repository at this point

   Copy the full SHA

   d697c92 View commit details

   Browse the repository at this point in the history